1. Field of the Invention
The present invention is related to the field of database management systems and, more particularly, to a system and method of implementing mandatory access control (MAC), as defined by the National Security Agency, through virtual data labeling.
2. Description of the Related Art
Access privileges on today's databases are protected by the database management system (DBMS) at the data element level. Data elements are typically arranged by column and are directed to categories such as cost, sales, inventory, etc. According to standard DBMS access controls, users authorized for a particular data element type can see all data within that data element type. For example, marketing users can access sales figures as a column, finance users can access cost data as a column, etc. This means that a user authorized to access a particular type of data can see every record within a column, including those records of competitors, as shown in FIG. 1.
There is a need in today's e-commerce and business-to-business markets for broader security access controls that are based on record categories. Records may be categorized by company name, contractual relationship, data sensitivity within the record, e.g., trade secret, etc. In addition, a need exists for privacy and a way of permitting users to access only their own records.
Unfortunately, most of today's data stores are not enabled to have fields that discriminate between rows based on user privileges. To provide a system, which is external to the DBMS, with the capability to discriminate based on row types, a toolkit is necessary which integrates legacy database information, current communications technology and the secure network system to deliver data to the appropriate users.
The two fundamental solutions today are application-specific coding and trusted facilities within the DBMS. Application-specific coding allows access to be enforced at the level of record type, usually through what is called a “view” in the DBMS, and is applied on configurations such as that shown in FIG. 1. There is no securing facility in this approach or with applications using a File Management System (FMS). The second approach is to use ‘trusted’ DBMSs that support labeling (mandatory access control), or selected DBMSs that support dynamic labeling within the database, which provide MAC-like DBMS enforcement of access to the database. An example of the second approach is shown in FIG. 2. Both of these solutions are labor intensive and/or complex. The dynamic label approach requires no cataloging or programming, but uses the content of databases to virtually define, at the time of access, who can access the content. This decision making is accomplished by a policy that restricts access on the basis of data value.
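The following added example, which is not taken from the patent, contrasts the column-level control described above with a policy that restricts rows on the basis of a stored data value. The table layout, user names, company names and the `POLICY` structure are all constructed assumptions for illustration.

```python
import sqlite3

# Constructed sample rows: (company, product, sales, cost).
ROWS = [("Acme", "widgets", 1200, 700), ("Acme", "gears", 300, 180),
        ("Globex", "widgets", 950, 610), ("Initech", "gears", 400, 260)]
COLUMNS = {"company", "product", "sales", "cost"}

# Hypothetical policy table: readable columns (the standard column-level
# control) plus the data value a row must carry to be visible to the user.
POLICY = {
    "acme_marketing": {"columns": ["company", "product", "sales"],
                       "row_filter": ("company", "Acme")},
    "globex_finance": {"columns": ["company", "product", "cost"],
                       "row_filter": ("company", "Globex")},
}

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sales (company TEXT, product TEXT, sales INT, cost INT)")
    db.executemany("INSERT INTO sales VALUES (?, ?, ?, ?)", ROWS)
    return db

def _policy(user):
    if user not in POLICY:                 # deny by default
        raise PermissionError(f"no policy for {user!r}")
    rule = POLICY[user]
    names = set(rule["columns"]) | {rule["row_filter"][0]}
    if not names <= COLUMNS:               # identifiers come from an allowlist only
        raise ValueError("policy names an unknown column")
    return rule

def column_level_read(db, user):
    """Column-only control: every row of the permitted columns comes back."""
    cols = ", ".join(_policy(user)["columns"])
    return db.execute(f"SELECT {cols} FROM sales ORDER BY rowid").fetchall()

def value_based_read(db, user):
    """Same columns, plus a predicate on the stored value, applied at access time."""
    rule = _policy(user)
    cols = ", ".join(rule["columns"])
    col, value = rule["row_filter"]
    sql = f"SELECT {cols} FROM sales WHERE {col} = ? ORDER BY rowid"
    return db.execute(sql, (value,)).fetchall()

if __name__ == "__main__":
    db = open_db()
    print(column_level_read(db, "acme_marketing"))  # includes Globex and Initech rows
    print(value_based_read(db, "acme_marketing"))   # Acme rows only
```

The row predicate is bound as a parameter and column names are checked against a fixed allowlist, so the policy itself cannot be used to inject SQL.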